Account specific magic cookie?

Posted By: TomasDeml | May 31st, 2006 @ 2:25 AM
page 1 of 1
Comments: 2 | Views: 2866
#May 31st, 2006 @ 2:25 AM
TomasDeml
TomasDeml
Run Chiro, Run!
Hi,
does anybody know if there is something like a magic cookie that is specific to each user account under Windows and IS accessible ONLY when the account is logged in and CAN be retrieved via some API?

I'd like to use some sort of the cookie only accessible to an authenticated user for a password encryption...

Thanks.
#May 31st, 2006 @ 2:46 AM
Sven Groot
Sven Groot
You can't have everything; after all, where would you put it?
If it's for password encryption, have you considered using DPAPI? That can encrypt data so that only that user can decrypt it (available in Win2k+ only, though).

If you're using .Net, .Net 2.0 has built-in DPAPI support with the ProtectedData class. If you're using .Net 1.1 Google around a bit, there's a ton of DPAPI wrappers available.
#May 31st, 2006 @ 2:51 AM
TomasDeml
TomasDeml
Run Chiro, Run!
Sven Groot wrote:
If it's for password encryption, have you considered using DPAPI? That can encrypt data so that only that user can decrypt it (available in Win2k+ only, though).

If you're using .Net, .Net 2.0 has built-in DPAPI support with the ProtectedData class. If you're using .Net 1.1 Google around a bit, there's a ton of DPAPI wrappers available.


Thanks a lot! You saved me a day Wink
page 1 of 1
Comments: 2 | Views: 2866